|
196491
|
6.1 |
MEDIUM
Network
|
auth0
|
wp-auth0
|
A stored cross-site scripting (XSS) vulnerability exists in the Auth0 plugin before 4.0.0 for WordPress via the settings page.
|
CWE-79
Cross-site Scripting
|
CVE-2020-5392
|
2024-11-21 14:34 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196492
|
8.8 |
HIGH
Network
|
auth0
|
wp-auth0
|
Cross-site request forgery (CSRF) vulnerabilities exist in the Auth0 plugin before 4.0.0 for WordPress via the domain field.
|
CWE-352
Origin Validation Error
|
CVE-2020-5391
|
2024-11-21 14:34 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196493
|
7.5 |
HIGH
Network
|
yamaha
|
rtx830_firmware
nvr510_firmware
nvr700w_firmware
rtx1210_firmware
rtx5000_firmware
rtx3500_firmware
fwx120_firmware
rtx810_firmware
nvr500_firmware
rtx1200_firmware
|
Yamaha LTE VoIP Router(NVR700W firmware Rev.15.00.15 and earlier), Yamaha Gigabit VoIP Router(NVR510 firmware Rev.15.01.14 and earlier), Yamaha Gigabit VPN Router(RTX810 firmware Rev.11.01.33 and ear…
|
NVD-CWE-noinfo
|
CVE-2020-5548
|
2024-11-21 14:34 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196494
|
9.8 |
CRITICAL
Network
|
lifterlms
|
lifterlms
|
LifterLMS Wordpress plugin version below 3.37.15 is vulnerable to arbitrary file write leading to remote code execution
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-6008
|
2024-11-21 14:34 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196495
|
7.5 |
HIGH
Network
|
grandstream
|
ucm6202_firmware
ucm6204_firmware
ucm6208_firmware
|
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the CTI server on port 8888. A remote unauthenticated attacker can invoke the challenge action with a crafted use…
|
CWE-89
SQL Injection
|
CVE-2020-5726
|
2024-11-21 14:34 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196496
|
5.9 |
MEDIUM
Network
|
grandstream
|
ucm6202_firmware
ucm6204_firmware
ucm6208_firmware
|
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the login action with a craft…
|
CWE-89
SQL Injection
|
CVE-2020-5725
|
2024-11-21 14:34 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196497
|
7.5 |
HIGH
Network
|
grandstream
|
ucm6202_firmware
ucm6204_firmware
ucm6208_firmware
|
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the challenge action with a c…
|
CWE-89
SQL Injection
|
CVE-2020-5724
|
2024-11-21 14:34 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196498
|
9.8 |
CRITICAL
Network
|
grandstream
|
ucm6202_firmware
ucm6204_firmware
ucm6208_firmware
|
The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. This could allow an attacker to retrieve all passwords and possibly gain elevated privileges.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2020-5723
|
2024-11-21 14:34 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196499
|
7.5 |
HIGH
Network
|
mitsubishielectric
|
cr800-q_firmware
fx3g_firmware
fx3gc_firmware
fx3s_firmware
fx3u_firmware
fx3uc_firmware
fx5u_firmware
fx5uc_firmware
fx5uj_firmware
l02cpu_firmware
l02cpu-p_firmware
When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), an…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-5527
|
2024-11-21 14:34 |
2020-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
196500
|
8.8 |
HIGH
Adjacent
|
toyota
|
display_control_unit
|
Toyota 2017 Model Year DCU (Display Control Unit) allows an unauthenticated attacker within Bluetooth range to cause a denial of service attack and/or execute an arbitrary command. The affected DCUs …
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-5551
|
2024-11-21 14:34 |
2020-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
